Introduction
In current times, privacy concerns are mainly increasingly essential in the online world. This is accepted that cloud computing has been potential for privacy disabling. Along with this, every company needs to secure its data and information in the cloud that represents a huge issue. Security and privacy control is the set of technologies that can be used to provide cloud-related solutions to enhancing privacy or security control over the information. Data encryption is an explicit method that may use by the cloud provider to help in maintaining services and technologies. The main purpose of the report is to understand the possible threats and risks to the security of user data on mobile phones. Also, describes the threats to the privacy of users’ data, activities, and location from the use of the Covidsafe app. The data sovereignty issue that may apply to store the covidsafe data in the US data cloud storage also explains and some recommended points such as security controls, privacy controls, and data sovereignty controls.
1. Data and security risks
Every company focuses on mobile security as there is a chance to get stole their customers’ data by hackers. Currently, all the corporate workers perform their daily tasks through the use of Smartphone’s and which will help them in maintaining and managing their business operations in an easy manner. Mobile phone data risks are enhancing in the year 2020 and due to this most of the users’ difficult while using the mobiles (Aaronson, 2015). There are various risks to the security of users data of mobile phone are described as follows:
Data leakage: It has been analyzed that mobile apps are mainly causing unintentional data leakage which creates a threat to the user’s data. Such threats can happen by the hostile enterprise sign mobile application and such malware programs use the distribution code to the famous operating system such as Android and iOS. It is one of the major issues which leak users’ data and information and use such details to threaten the user and other illegal action (Choo et al., 2017).
Unsecured Wi-Fi: It is another major issue and risk in which when a person gets free Wi-Fi so they will happy but do not understand the threat of unsecured Wi-Fi. Such a network can easily get users’ data and use of such in any dangerous activities. This is not safe for people is to use unsecured Wi-Fi as this will theft and stole all their personal information such as pictures, apps, data and so more. It is a major risk for mobile users and such threats are mainly arise to Smartphone users. Along with this, it is important for users are aware of such an app which may create harm to their data and security of the phone. This will increase the negative influence on the user’s personal information and data effectively.
Network spoofing: The network spoofing arises when the hackers set up the fake access connections that are seen as the Wi-Fi network but it is a trap that can be placed at the public places where a large number of users connect to free Wi-Fi. Such places airports, coffeehouses, restaurants, libraries to motivate users to connect. By this, most of the users attract to this network and connected to such Wi-Fi then all their personal information is leaked. In certain cases, hackers need to develop an “account” to access such free facilities, fill the password (Clement & Obar, 2015). As many users employ a similar password and email with the combination of different services, so hackers are capable to compromise by users’ email and other information.
Phishing attacks: As the mobile phones are always power-driven and also they are front liners of most of the phishing attack (Singi et al., 2020). As per the report of CSO, mobile users are considered as exposed because they are mainly controlled and monitor their email IDs in real-time, after that they opening and reading the emails when they are received. Mobile technology users are vulnerable as the email apps display limited data and information to accommodate the small screen sizes.
It is analyzed that most of the people face risk related to in-linked cloud and financial accounts from the use of the covidsafe app. The government has released that a large number of the user face huge issue while using such an application. Currently, the whole world facing global pandemic threatening due to this all the people stay at home during the lockdown time. The government made a covidsafe app which is a tool that will assist people exposed to coronavirus and this helps support people and tracks such individuals who face COVID 19 (Correia, & Otinpong, 2017). But there is some risk also faced by countries while using this application of COVID. This app uses by Bluetooth to trace the people with whom the users have come with the contact, with the motive of alerting anyone who has contacted COVID positive. But it has been analyzed that this application carries a risk in which users may be falsely alerted when they are not even contacted with the positive one. This may provide wring information and data then this will waste the whole medical team time that is going to their home to carrying them. After they realized that a person is not positive and also not contacted with the positive individual. This thing happens because the Bluetooth radio waves are passed through the glass and walls and it can only evaluate how physically two people close to each other. It is not telling whether the two people in the same room, in various rooms and their cars, are passing each other. Along with this, in the high density of flat, Bluetooth signal is not provided correct information and it could present the false data about the Covid 19 impact. Besides this, this app will create needless stress, tension and it could create a negative impact on the economy by keeping people home unreasonably. False positives data could also reduce the trust of people towards the Covidsafe app.
2. Privacy, location, and activity issues
In the world of information technology, the use of various kinds of applications and services is quite common among Smartphone’s and internet users. The COVID 19 pandemic has resulted in the need for tracing of common people through mobile applications which will help in the mitigation of the pandemic spread in the whole world (de Jong-Chen, 2015). Australia is using the CovidSafe application for the reduction and monitoring of the positive people in the country. These applications come with the negative side of possible threats to the privacy of user’s data, location, and activities which are recorded in the data servers by the use of CovidSafe application.
Cybercrime is increasing as per the evolution of information technology. The cybercriminals are not lacking for creativity and innovation, they are hacking in it. The hackers can hack the personal information for the users of the CovidSafe app which provides the path for hackers through the databases in America (Singi et al., 2020). There are various kinds of threats in which the CovidSafe app consists of the data security, location, and activities of the app users.
Lack of multifactor authentication: The most important threat for security arises due to the use of insecure passwords by the users on the application. The users choose the same passwords for their various accounts which make it easier for hackers to steal personal information from their mobile applications (Esposito et al., 2016). The users will face the security and location issues as the data is being stored in the cloud services of American agencies which provide the potential for security threats of the natives of Australia by using the CovidSafe application for tracing of contacts.
The leak of personal information: the CovidSafe application has a high risk for the leak of personal information of the users. The application requires the contact information, personal information, and other data for the login credentials which are stored in the cloud services of the USA which can be hacked by cybercriminals for various purposes such as identity theft or other crimes. Personal information is very crucial which can be loosely encrypted will provide the chance for stealing.
Location tracking: the CovidSafe application traces the location of the users as the app demands permission to use the location at all times which can be recorded and the personal activities can be monitored by the governments which are a breach in privacy of the users. The application can also monitor the other activities on mobile phones through the CovidSafe application by entering any Trojan horse in the mobile sets of the users of Australia (Esposito et al., 2018).
Data hacking: the data which is being stored in the data servers in the USA can be hacked by hackers or other cybercriminals for various kinds of thefts and indulge the innocent users as the identity of the Australian users will be used in the crimes. The financial information can also be theft by the CovidSafe app as the users are prone to feed the information of finance and bank accounts on their mobile phones. This can result in the conditions of money looting through the use of mobile applications.
CovidSafe app is launched to control the effects of the pandemic in the country and safeguards the people of Australia from getting in contact with the infected person through the use of the application. But the information technology comes with the bane of its usage. The personal information, privacy, location, and activities can be controlled, monitored, or even stolen from the users as the mobile applications have the leakage for the information which is the issue of data security (Langmead & Nellore, 2018). The users can be threatened by the activities and another user as the CovidSafe app is providing the hackers to steal personal information.
The possible threats and safety issues are known to the whole world due to the use of mobile applications like CovidSafe which can monitor the privacy, location, and other activities of the users. The data security is the most relevant issue for the use of CovidSafe users of Australia (Singi et al., 2020). The government has given the data cloud services to the USA which can give the country about the daily information and locations of the users which is a great threat to the privacy of the users. The data theft and information stealing can be done using the location and other activities details by the cloud services which are very important for the people of Australia. The important details which are being stored in the mobile phones of the users can be leaked out using the hacking of the particular apps which are being used for tracing the locations of the pandemic affected people. This is a great threat in information technology as the CovidSafe is prone to be attacked by the enemies of Australia to steal in the personal information of the people of Australia which can be used against the country for various purposes on the international platforms.
3. Data sovereignty issues
Australia is a sovereign country that is using the CovidSafe application for monitoring the contact traces of the people in Australia as per the huge inclined in the cases of COVID 19 pandemic. The pandemic has forced the various countries of the world along with Australia to use mobile applications for the people of Australia to record their locations which can help in contact tracing to reduce the impact and increasing cases of COVID 19 in Australia. The CovidSafe application uses the US-based cloud storage for the collection of the data and information of the users of the app (Millard, 2015). The government of Australia claims that the data and information are under their control but they are using the US-based cloud storage which raises the question of data sovereignty in Australia. The data and personal information will be collected using the app which is not in the interest of the country and the people as this can be used against the country on international platforms.
The data and information will be stored in the cloud storage which is based in the US create the issues of data theft or data leakage which can be used by the US or it can be sold to the other enemies of the country which can be used against the situations of the country in which the data and information will be of great use. Information technology is the new eras in which the wars begin using the data services of the country. The cyber wars are initiated using hackers without revealing the identity of the attacks. Cyber information is the most crucial part of the information which is being used by the countries to store various kinds of information (Polst et al., 2020). The biggest threat to the sovereignty of the country can be a loss of data and information which is highly stored in the computerized machines. This can be used for declaring wars and getting other benefits by threatening the company.
The modern ages include the use of computerized devices which are prone to be attacked by the various virus or malware to hack the information. The use of cloud storage of US-based services can be attacked by hackers which can steal crucial information about the public and can also keep the track record for the public and used in the criminal funding. The issues of data sovereignty can be dealt with by protecting the country’s data and information in the country and do not involve the other parties which can take advantage of the situation to threat or steal the information and affect on the privacy matter of the people of Australia. The data and information theft can be dealt with using the awareness of the people in using the various applications and servers. The awareness of the people needs to be considered for the creation of strong security passwords that are being used by the users on various platforms. This creates the risk of getting hacked on multiple platforms at the same time.
The people need to be aware of the situation in which the data and information related to the confidential matters are required to be remaining confidential for the users for the safety and security of the credentials being used in the mobile applications (Sabillon et al., 2016). The CovidSafe application stores the various kinds of the information and data related to the personal life of the users such as contact information, location sharing, tracking activities, and other permissions such as camera, video, gallery, location, Bluetooth are also used in the application which creates the way for the data leakage and information theft from the private information of the users of Australia. The financial information stored in the mobile devices can also be accessed by hacking the application used for the prevention of the spread of COVID 19 in Australia. The data and information which is specific for Australia can be used by the various countries to deal with the data and information to use in private matters like identity theft and stealing from the bank.
The sovereignty of the country is related to the issues of data and information as the new age uses and stores the data and information for the crucial matters on the electronic devices using the internet storage places. This can be used by the server company for their interest which cannot be proofread by the largest organization as the big corporations like Apple, Google, Twitter, Microsoft have also faced the issues and threats for the data and information (Sargsyan, 2016). The sovereignty can remain for the Australian users of the CovidSafe for creating strong passwords and not saving the credentials on the online platforms which contains the risks for the thefts and other issues related to the privacy breaching of the people of Australia. The use of foreign storage cloud services needs to be changed for maintaining the data issues sovereignty of the country by the Australian government. This will protect the people and the crucial confidential information and data of the personal life of the Australian public.
4. Recommendations:
Security controls:
Security controls are safeguarding which helps in avoiding, protecting, and reduces the security-related risks to the physical property, computer systems, and many more. There are various forms of security controls which include management, operational, and physical security controls. It can be recommended that security controls help in protecting the users’ data while they are tracking for the COVID 19. There are security controls which assist in preventing the loss or breach of data of users that are described as follows:
Regular risk assessment: It is important for the government is to appoint a person who is responsible for handling major risk which arises due to the cases of coronavirus. This assessment is used to review and address the changes and any occurring risks in the data protection of users at the time when they are tracking for covid19 (Shackelford, 2016) . This is an effective control system that helps in reviewing and analyzing risk before anything happened and focuses on threats that may create a negative impact on the country’s goodwill.
Data backup: This is another security control that helps people to save their data and information while they are tracking for the coronavirus. The government also uses this controlling system that is used to secure and safe the personal information of the country’s people and it is considered as effective security that assists in keep secure the users’ data in a proper manner.
Privacy controls
This can be suggested that privacy controls help users to protect their private particularly their location, data, and activity while the government tracking every person through the covidsafe app. While the execution of new mobile applications to flight the covid 19 pandemic then it is important that the government need to take into consideration their privacy laws that assist in preventing their common public privacy. For this, they are required to concentrate on privacy law that helps in dealing with such issues and risks. However, China does not have any privacy law but they are focus on cyber security instead and this will help them protect their health-related data. On the other hand, Europe gains benefit from the currently implemented General data protection regulation (GDPR) that assists in providing the best data security system. All the countries focus on privacy law which can help them in handling the issue of the covidsafe app. During this tough, some danger people perform illegal work in which they could hack the site of the government of the covidsafe app and get the millions of people person details and information for misuse. This will reduce the trust of county citizens towards government actions and in the future, they do not fill any information in the government sites. During the pandemic, privacy control is important for every company, organization, and business houses where they have not come to the office but they need to perform work from home with full data security and privacy. For this, they use only such an app that is accurate and legal by the government. Also, these should be registered in the government sheet then this is considered as legal applications that could not create any threat.
Data sovereignty controls
This can be recommended that data sovereignty controls help in maintaining the collected data of the users through the mobile application. It is an idea that data are subjected to governance and legal structure within a country. With the increase of cloud computing, different nations have passed different regulations and acts around the control and keep the data that helps measure the data sovereignty (Singi et al., 2020). In the time of Covid 19, the common governmental reaction is to think in terms of rules and regulations. Along with this, all the country people agree on whatever is required to contain the condition. In this situation, the government focuses on data sovereignty which is considered as the best approach, and this is based on restoring the trust by providing people that method or equipment which assists in managing their data and information. This data is important for designing the principle of any data application. Such form of data controls assist in managing the people’s details and helps in safe the remaining data which was not shown online as well.
Conclusion
From the above-described report, it is concluded that privacy and security are the major concern during the covid 19 like a pandemic and this will create negate influence in the mind of people. Due to this, most of the individual is feeling stressed and anxiety by this they do not perform proper work at their home as well. The reports discuss the risk and threats that are related to mobile phone users such as data leakage, phishing attack, network spoofing, and unsecured Wi-Fi. Along with this, it is described that privacy data especially to the location, data, and activities which are performed by citizens of a country during the COVID 19. Some recommended points need to use by the government for improvement in this situation such as a focus on data and security controls, privacy controls and data sovereignty controls properly.
References
Aaronson, S. (2015). Why Trade Agreements Are Not Setting Information Free: The Lost History and Reinvigorated Debate over Cross-Border Data Flows, Human Rights, and National Security. World Trade Rev., 14, 671.
Choo, K. K. R., Rana, O. F., & Rajarajan, M. (2017). Cloud Security Engineering: theory, practice and future research. IEEE Transactions on Cloud Computing, 5(3), 372-374. https://ieeexplore.ieee.org/abstract/document/8024044/
Clement, A., & Obar, J. A. (2015). Canadian internet “boomerang” traffic and mass NSA surveillance: Responding to privacy and network sovereignty challenges. Law, privacy and surveillance in Canada in the post-Snowden era, 13-44.
Correia, E., & Otinpong, B. (2017). In Search of a Strategy for Security in the Cloud. In E. Erturk, K. Callum, & D. Skelton, Proceedings of the 8th Annual Conference of Computing and Information Technology Education and Research in New Zealand (pp. 100-104). https://www.citrenz.ac.nz/conferences/2017/pdf/2017CITRENZ_1_Correia_Security.pdf
de Jong-Chen, J. (2015). Data sovereignty, cybersecurity, and challenges for globalization. Geo. J. Int’l Aff., 16, 112. https://heinonline.org/HOL/LandingPage?handle=hein.journals/geojaf16&div=72&id=&page=
Esposito, C., Castiglione, A., & Choo, K. K. R. (2016). Encryption-based solution for data sovereignty in federated clouds. IEEE Cloud Computing, 3(1), 12-17.
Esposito, C., Castiglione, A., Frattini, F., Cinque, M., Yang, Y., & Choo, K. K. R. (2018). On data sovereignty in cloud-based computation offloading for smart cities applications. IEEE Internet of Things Journal, 6(3), 4521-4535. https://ieeexplore.ieee.org/abstract/document/8573800/
Langmead, B., & Nellore, A. (2018). Cloud computing for genomic data analysis and collaboration. Nature Reviews Genetics, 19(4), 208.
Millard, C. (2015). Forced Localization of Cloud Services: Is Privacy the Real Driver?. IEEE Cloud Computing, 2(2), 10-14.
Polst, S., & Feth, D. (2020). Privacy ad Absurdum-How Workplace Privacy Dashboards Compromise Privacy. Mensch und Computer 2020-Workshopband. https://dl.gi.de/handle/20.500.12116/33518
Sabillon, R., Cavaller, V., & Cano, J. (2016). National cyber security strategies: global trends in cyberspace. International Journal of Computer Science and Software Engineering, 5(5), 67. https://search.proquest.com/openview/d678b09e570d574b39f77cf26bb2e9d4/1?pq-origsite=gscholar&cbl=2044552
Sargsyan, T. (2016). Data localization and the role of infrastructure for surveillance, privacy, and security. International Journal of Communication, 10, 17.
Shackelford, S. J. (2016). Protecting intellectual property and privacy in the digital age: the use of national cybersecurity strategies to mitigate cyber risk. Chap. L. Rev., 19, 445. https://heinonline.org/HOL/LandingPage?handle=hein.journals/chlr19&div=26&id=&page=
Singi, K., Choudhury, S. G., Kaulgud, V., Bose, R. J. C., Podder, S., & Burden, A. P. (2020, June). Data Sovereignty Governance Framework. In Proceedings of the IEEE/ACM 42nd International Conference on Software Engineering Workshops (pp. 303-306).